/*     */ package com.zimbra.cs.service.admin;
/*     */ 
/*     */ import com.zimbra.common.account.Key.DomainBy;
/*     */ import com.zimbra.common.account.Key.ServerBy;
/*     */ import com.zimbra.common.service.ServiceException;
/*     */ import com.zimbra.common.soap.AdminConstants;
/*     */ import com.zimbra.common.soap.Element;
/*     */ import com.zimbra.cs.account.Account;
/*     */ import com.zimbra.cs.account.AccountServiceException;
/*     */ import com.zimbra.cs.account.Domain;
/*     */ import com.zimbra.cs.account.NamedEntry;
/*     */ import com.zimbra.cs.account.NamedEntry.Visitor;
/*     */ import com.zimbra.cs.account.Provisioning;
/*     */ import com.zimbra.cs.account.Server;
/*     */ import com.zimbra.cs.account.accesscontrol.AdminRight;
/*     */ import com.zimbra.cs.account.accesscontrol.Rights.Admin;
/*     */ import com.zimbra.soap.ZimbraSoapContext;
/*     */ import java.util.Iterator;
/*     */ import java.util.List;
/*     */ import java.util.Map;
/*     */ import org.dom4j.QName;
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ public class GetAllAccounts
/*     */   extends AdminDocumentHandler
/*     */ {
/*     */   public static final String BY_NAME = "name";
/*     */   public static final String BY_ID = "id";
/*     */   
/*     */   public boolean domainAuthSufficient(Map context)
/*     */   {
/*  57 */     return true;
/*     */   }
/*     */   
/*     */   public Element handle(Element request, Map<String, Object> context) throws ServiceException
/*     */   {
/*  62 */     ZimbraSoapContext zsc = getZimbraSoapContext(context);
/*  63 */     Provisioning prov = Provisioning.getInstance();
/*     */     
/*  65 */     Element response = null;
/*     */     
/*  67 */     Element s = request.getOptionalElement("server");
/*  68 */     Server server = null;
/*  69 */     if (s != null) {
/*  70 */       String key = s.getAttribute("by");
/*  71 */       String value = s.getText();
/*  72 */       if (key.equals("name")) {
/*  73 */         server = prov.get(Key.ServerBy.name, value);
/*  74 */       } else if (key.equals("id")) {
/*  75 */         server = prov.get(Key.ServerBy.id, value);
/*     */       } else {
/*  77 */         throw ServiceException.INVALID_REQUEST("unknown value for server by: " + key, null);
/*     */       }
/*  79 */       if (server == null) {
/*  80 */         throw AccountServiceException.NO_SUCH_SERVER(value);
/*     */       }
/*     */     }
/*  83 */     Element d = request.getOptionalElement("domain");
/*     */     
/*  85 */     if ((d != null) || (isDomainAdminOnly(zsc)))
/*     */     {
/*  87 */       String key = d == null ? "name" : d.getAttribute("by");
/*  88 */       String value = d == null ? getAuthTokenAccountDomain(zsc).getName() : d.getText();
/*     */       
/*  90 */       Domain domain = null;
/*     */       
/*  92 */       if (key.equals("name")) {
/*  93 */         domain = prov.get(Key.DomainBy.name, value);
/*  94 */       } else if (key.equals("id")) {
/*  95 */         domain = prov.get(Key.DomainBy.id, value);
/*     */       } else {
/*  97 */         throw ServiceException.INVALID_REQUEST("unknown value for domain by: " + key, null);
/*     */       }
/*     */       
/* 100 */       if (domain == null) {
/* 101 */         throw AccountServiceException.NO_SUCH_DOMAIN(value);
/*     */       }
/* 103 */       checkDomainRight(zsc, domain, AdminRight.PR_ALWAYS_ALLOW);
/*     */       
/* 105 */       response = zsc.createElement(getResponseQName());
/* 106 */       doDomain(zsc, response, domain, server);
/*     */     }
/*     */     else {
/* 109 */       response = zsc.createElement(getResponseQName());
/* 110 */       List domains = prov.getAllDomains();
/* 111 */       Iterator dit; if (domains != null) {
/* 112 */         for (dit = domains.iterator(); dit.hasNext();) {
/* 113 */           Domain domain = (Domain)dit.next();
/* 114 */           doDomain(zsc, response, domain, server);
/*     */         }
/*     */       } else {
/* 117 */         doDomain(zsc, response, null, server);
/*     */       }
/*     */     }
/* 120 */     return response;
/*     */   }
/*     */   
/*     */   protected QName getResponseQName() {
/* 124 */     return AdminConstants.GET_ALL_ACCOUNTS_RESPONSE;
/*     */   }
/*     */   
/*     */   protected static class AccountVisitor implements NamedEntry.Visitor {
/*     */     ZimbraSoapContext mZsc;
/*     */     AdminDocumentHandler mHandler;
/*     */     Element mParent;
/*     */     AdminAccessControl mAAC;
/*     */     
/*     */     AccountVisitor(ZimbraSoapContext zsc, AdminDocumentHandler handler, Element parent) throws ServiceException {
/* 134 */       this.mZsc = zsc;
/* 135 */       this.mHandler = handler;
/* 136 */       this.mParent = parent;
/* 137 */       this.mAAC = AdminAccessControl.getAdminAccessControl(zsc);
/*     */     }
/*     */     
/*     */     public void visit(NamedEntry entry) throws ServiceException {
/* 141 */       if (this.mAAC.hasRightsToList(entry, Rights.Admin.R_listAccount, null)) {
/* 142 */         ToXML.encodeAccount(this.mParent, (Account)entry, true, null, this.mAAC.getAttrRightChecker(entry));
/*     */       }
/*     */     }
/*     */   }
/*     */   
/*     */   protected void doDomain(ZimbraSoapContext zsc, Element e, Domain d, Server s) throws ServiceException {
/* 148 */     AccountVisitor visitor = new AccountVisitor(zsc, this, e);
/* 149 */     Provisioning.getInstance().getAllAccounts(d, s, visitor);
/*     */   }
/*     */   
/*     */   public void docRights(List<AdminRight> relatedRights, List<String> notes)
/*     */   {
/* 154 */     relatedRights.add(Rights.Admin.R_listAccount);
/* 155 */     relatedRights.add(Rights.Admin.R_getAccount);
/*     */     
/* 157 */     notes.add("If the authenticated admin does not have the corresponding list{Entry} right for an entry, the entry is skipped in the getAllXXX/searchXXX/searchDirectoryResponse,  no PERM_DENIED exception will be thrown. Attributes that are not allowed to be get by the authenticated admin will be returned as <a n=\"{attr-name}\" pd=\"1\"/>.");
/*     */   }
/*     */ }


/* Location:              /home/mint/zimbrastore.jar!/com/zimbra/cs/service/admin/GetAllAccounts.class
 * Java compiler version: 7 (51.0)
 * JD-Core Version:       0.7.1
 */